Created | 2023.08.03 10:25 | Machine | s1_win7_x6403 |
Filename | Excel.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : malicious |
VT API (file) | 44 detected (AIDetectMalware, Siggen21, GenericKD, Artemis, Save, Genus, KTST, Attribute, HighConfidence, malicious, high confidence, ModiLoader, score, bqmo, DropperX, Nekark, nbrwq, ObfuscatedPoly, Static AI, Suspicious PE, Casdet, Detected, BScope, RmRAT, ai score=83, unsafe, Chgt, R002H0DH223, Noon, TINB2tV9JaQ, susgen, confidence) |
md5 | 79e5648312a58377ef76d2346404ef12 |
sha256 | 7d537e6551b2b3274942aa184949fda010e0c2a1a5ce9b8a3924f34b6e79ad9e |
ssdeep | 12288:7q9zUX+2NAOdFyglsKMlCbuGg4Ut8wNCPAJFfriiiag72asGS99Spo+:uF8NAOLyglAlCb7gX/NCoziiiXDp |
imphash | 8e06c93dcf3919c71d43e1595ee9d9a7 |
impfuzzy | 192:o13MDbuuaxSUvK9kko1XE73cg1Q+POQW6:C3maq9kU1vPOQ9 |
Signature (6cnts)
Level | Description |
---|---|
danger | File has been identified by 44 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (6cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
PE API
IAT(Import Address Table) Library
oleaut32.dll
0x4b8778 SysFreeString
0x4b877c SysReAllocStringLen
0x4b8780 SysAllocStringLen
advapi32.dll
0x4b8788 RegQueryValueExA
0x4b878c RegOpenKeyExA
0x4b8790 RegCloseKey
user32.dll
0x4b8798 GetKeyboardType
0x4b879c DestroyWindow
0x4b87a0 LoadStringA
0x4b87a4 MessageBoxA
0x4b87a8 CharNextA
kernel32.dll
0x4b87b0 GetACP
0x4b87b4 Sleep
0x4b87b8 VirtualFree
0x4b87bc VirtualAlloc
0x4b87c0 GetCurrentThreadId
0x4b87c4 InterlockedDecrement
0x4b87c8 InterlockedIncrement
0x4b87cc VirtualQuery
0x4b87d0 WideCharToMultiByte
0x4b87d4 MultiByteToWideChar
0x4b87d8 lstrlenA
0x4b87dc lstrcpynA
0x4b87e0 LoadLibraryExA
0x4b87e4 GetThreadLocale
0x4b87e8 GetStartupInfoA
0x4b87ec GetProcAddress
0x4b87f0 GetModuleHandleA
0x4b87f4 GetModuleFileNameA
0x4b87f8 GetLocaleInfoA
0x4b87fc GetCommandLineA
0x4b8800 FreeLibrary
0x4b8804 FindFirstFileA
0x4b8808 FindClose
0x4b880c ExitProcess
0x4b8810 CompareStringA
0x4b8814 WriteFile
0x4b8818 UnhandledExceptionFilter
0x4b881c RtlUnwind
0x4b8820 RaiseException
0x4b8824 GetStdHandle
kernel32.dll
0x4b882c TlsSetValue
0x4b8830 TlsGetValue
0x4b8834 LocalAlloc
0x4b8838 GetModuleHandleA
user32.dll
0x4b8840 CreateWindowExA
0x4b8844 WindowFromPoint
0x4b8848 WaitMessage
0x4b884c UpdateWindow
0x4b8850 UnregisterClassA
0x4b8854 UnhookWindowsHookEx
0x4b8858 TranslateMessage
0x4b885c TranslateMDISysAccel
0x4b8860 TrackPopupMenu
0x4b8864 SystemParametersInfoA
0x4b8868 ShowWindow
0x4b886c ShowScrollBar
0x4b8870 ShowOwnedPopups
0x4b8874 SetWindowsHookExA
0x4b8878 SetWindowTextA
0x4b887c SetWindowPos
0x4b8880 SetWindowPlacement
0x4b8884 SetWindowLongW
0x4b8888 SetWindowLongA
0x4b888c SetTimer
0x4b8890 SetScrollRange
0x4b8894 SetScrollPos
0x4b8898 SetScrollInfo
0x4b889c SetRect
0x4b88a0 SetPropA
0x4b88a4 SetParent
0x4b88a8 SetMenuItemInfoA
0x4b88ac SetMenu
0x4b88b0 SetForegroundWindow
0x4b88b4 SetFocus
0x4b88b8 SetCursor
0x4b88bc SetClassLongA
0x4b88c0 SetCapture
0x4b88c4 SetActiveWindow
0x4b88c8 SendMessageW
0x4b88cc SendMessageA
0x4b88d0 ScrollWindow
0x4b88d4 ScreenToClient
0x4b88d8 RemovePropA
0x4b88dc RemoveMenu
0x4b88e0 ReleaseDC
0x4b88e4 ReleaseCapture
0x4b88e8 RegisterWindowMessageA
0x4b88ec RegisterClipboardFormatA
0x4b88f0 RegisterClassA
0x4b88f4 RedrawWindow
0x4b88f8 PtInRect
0x4b88fc PostQuitMessage
0x4b8900 PostMessageA
0x4b8904 PeekMessageW
0x4b8908 PeekMessageA
0x4b890c OffsetRect
0x4b8910 OemToCharA
0x4b8914 MessageBoxA
0x4b8918 MapWindowPoints
0x4b891c MapVirtualKeyA
0x4b8920 LoadStringA
0x4b8924 LoadKeyboardLayoutA
0x4b8928 LoadIconA
0x4b892c LoadCursorA
0x4b8930 LoadBitmapA
0x4b8934 KillTimer
0x4b8938 IsZoomed
0x4b893c IsWindowVisible
0x4b8940 IsWindowUnicode
0x4b8944 IsWindowEnabled
0x4b8948 IsWindow
0x4b894c IsRectEmpty
0x4b8950 IsIconic
0x4b8954 IsDialogMessageW
0x4b8958 IsDialogMessageA
0x4b895c IsChild
0x4b8960 InvalidateRect
0x4b8964 IntersectRect
0x4b8968 InsertMenuItemA
0x4b896c InsertMenuA
0x4b8970 InflateRect
0x4b8974 GetWindowThreadProcessId
0x4b8978 GetWindowTextA
0x4b897c GetWindowRect
0x4b8980 GetWindowPlacement
0x4b8984 GetWindowLongW
0x4b8988 GetWindowLongA
0x4b898c GetWindowInfo
0x4b8990 GetWindowDC
0x4b8994 GetTopWindow
0x4b8998 GetSystemMetrics
0x4b899c GetSystemMenu
0x4b89a0 GetSysColorBrush
0x4b89a4 GetSysColor
0x4b89a8 GetSubMenu
0x4b89ac GetScrollRange
0x4b89b0 GetScrollPos
0x4b89b4 GetScrollInfo
0x4b89b8 GetPropA
0x4b89bc GetParent
0x4b89c0 GetWindow
0x4b89c4 GetMessagePos
0x4b89c8 GetMenuStringA
0x4b89cc GetMenuState
0x4b89d0 GetMenuItemInfoA
0x4b89d4 GetMenuItemID
0x4b89d8 GetMenuItemCount
0x4b89dc GetMenu
0x4b89e0 GetLastActivePopup
0x4b89e4 GetKeyboardState
0x4b89e8 GetKeyboardLayoutNameA
0x4b89ec GetKeyboardLayoutList
0x4b89f0 GetKeyboardLayout
0x4b89f4 GetKeyState
0x4b89f8 GetKeyNameTextA
0x4b89fc GetIconInfo
0x4b8a00 GetForegroundWindow
0x4b8a04 GetFocus
0x4b8a08 GetDesktopWindow
0x4b8a0c GetDCEx
0x4b8a10 GetDC
0x4b8a14 GetCursorPos
0x4b8a18 GetCursor
0x4b8a1c GetClientRect
0x4b8a20 GetClassLongA
0x4b8a24 GetClassInfoA
0x4b8a28 GetCapture
0x4b8a2c GetActiveWindow
0x4b8a30 FrameRect
0x4b8a34 FindWindowA
0x4b8a38 FillRect
0x4b8a3c EqualRect
0x4b8a40 EnumWindows
0x4b8a44 EnumThreadWindows
0x4b8a48 EnumChildWindows
0x4b8a4c EndPaint
0x4b8a50 EnableWindow
0x4b8a54 EnableScrollBar
0x4b8a58 EnableMenuItem
0x4b8a5c DrawTextA
0x4b8a60 DrawMenuBar
0x4b8a64 DrawIconEx
0x4b8a68 DrawIcon
0x4b8a6c DrawFrameControl
0x4b8a70 DrawEdge
0x4b8a74 DispatchMessageW
0x4b8a78 DispatchMessageA
0x4b8a7c DestroyWindow
0x4b8a80 DestroyMenu
0x4b8a84 DestroyIcon
0x4b8a88 DestroyCursor
0x4b8a8c DeleteMenu
0x4b8a90 DefWindowProcA
0x4b8a94 DefMDIChildProcA
0x4b8a98 DefFrameProcA
0x4b8a9c CreatePopupMenu
0x4b8aa0 CreateMenu
0x4b8aa4 CreateIcon
0x4b8aa8 ClientToScreen
0x4b8aac CheckMenuItem
0x4b8ab0 CallWindowProcA
0x4b8ab4 CallNextHookEx
0x4b8ab8 BeginPaint
0x4b8abc CharNextA
0x4b8ac0 CharLowerA
0x4b8ac4 CharToOemA
0x4b8ac8 AdjustWindowRectEx
0x4b8acc ActivateKeyboardLayout
gdi32.dll
0x4b8ad4 UnrealizeObject
0x4b8ad8 StretchBlt
0x4b8adc SetWindowOrgEx
0x4b8ae0 SetViewportOrgEx
0x4b8ae4 SetTextColor
0x4b8ae8 SetStretchBltMode
0x4b8aec SetROP2
0x4b8af0 SetPixel
0x4b8af4 SetDIBColorTable
0x4b8af8 SetBrushOrgEx
0x4b8afc SetBkMode
0x4b8b00 SetBkColor
0x4b8b04 SelectPalette
0x4b8b08 SelectObject
0x4b8b0c SaveDC
0x4b8b10 RestoreDC
0x4b8b14 RectVisible
0x4b8b18 RealizePalette
0x4b8b1c PatBlt
0x4b8b20 MoveToEx
0x4b8b24 MaskBlt
0x4b8b28 LineTo
0x4b8b2c IntersectClipRect
0x4b8b30 GetWindowOrgEx
0x4b8b34 GetTextMetricsA
0x4b8b38 GetTextExtentPoint32A
0x4b8b3c GetSystemPaletteEntries
0x4b8b40 GetStockObject
0x4b8b44 GetRgnBox
0x4b8b48 GetPixel
0x4b8b4c GetPaletteEntries
0x4b8b50 GetObjectA
0x4b8b54 GetDeviceCaps
0x4b8b58 GetDIBits
0x4b8b5c GetDIBColorTable
0x4b8b60 GetDCOrgEx
0x4b8b64 GetCurrentPositionEx
0x4b8b68 GetClipBox
0x4b8b6c GetBrushOrgEx
0x4b8b70 GetBitmapBits
0x4b8b74 ExcludeClipRect
0x4b8b78 DeleteObject
0x4b8b7c DeleteDC
0x4b8b80 CreateSolidBrush
0x4b8b84 CreatePenIndirect
0x4b8b88 CreatePalette
0x4b8b8c CreateHalftonePalette
0x4b8b90 CreateFontIndirectA
0x4b8b94 CreateDIBitmap
0x4b8b98 CreateDIBSection
0x4b8b9c CreateCompatibleDC
0x4b8ba0 CreateCompatibleBitmap
0x4b8ba4 CreateBrushIndirect
0x4b8ba8 CreateBitmap
0x4b8bac BitBlt
version.dll
0x4b8bb4 VerQueryValueA
0x4b8bb8 GetFileVersionInfoSizeA
0x4b8bbc GetFileVersionInfoA
kernel32.dll
0x4b8bc4 lstrcpyA
0x4b8bc8 WriteFile
0x4b8bcc WaitForSingleObject
0x4b8bd0 VirtualQuery
0x4b8bd4 VirtualProtect
0x4b8bd8 VirtualAllocEx
0x4b8bdc VirtualAlloc
0x4b8be0 SizeofResource
0x4b8be4 SetThreadLocale
0x4b8be8 SetFilePointer
0x4b8bec SetEvent
0x4b8bf0 SetErrorMode
0x4b8bf4 SetEndOfFile
0x4b8bf8 ResetEvent
0x4b8bfc ReadFile
0x4b8c00 MulDiv
0x4b8c04 LockResource
0x4b8c08 LoadResource
0x4b8c0c LoadLibraryExA
0x4b8c10 LoadLibraryA
0x4b8c14 LeaveCriticalSection
0x4b8c18 InitializeCriticalSection
0x4b8c1c GlobalFindAtomA
0x4b8c20 GlobalDeleteAtom
0x4b8c24 GlobalAddAtomA
0x4b8c28 GetVersionExA
0x4b8c2c GetVersion
0x4b8c30 GetTickCount
0x4b8c34 GetThreadLocale
0x4b8c38 GetStdHandle
0x4b8c3c GetProcAddress
0x4b8c40 GetModuleHandleW
0x4b8c44 GetModuleHandleA
0x4b8c48 GetModuleFileNameA
0x4b8c4c GetLocaleInfoA
0x4b8c50 GetLocalTime
0x4b8c54 GetLastError
0x4b8c58 GetFullPathNameA
0x4b8c5c GetDiskFreeSpaceA
0x4b8c60 GetDateFormatA
0x4b8c64 GetCurrentThreadId
0x4b8c68 GetCurrentProcessId
0x4b8c6c GetCurrentProcess
0x4b8c70 GetCPInfo
0x4b8c74 FreeResource
0x4b8c78 InterlockedExchange
0x4b8c7c FreeLibrary
0x4b8c80 FormatMessageA
0x4b8c84 FindResourceA
0x4b8c88 EnumCalendarInfoA
0x4b8c8c EnterCriticalSection
0x4b8c90 DeleteCriticalSection
0x4b8c94 CreateThread
0x4b8c98 CreateFileA
0x4b8c9c CreateEventA
0x4b8ca0 CompareStringA
0x4b8ca4 CloseHandle
advapi32.dll
0x4b8cac RegQueryValueExA
0x4b8cb0 RegOpenKeyExA
0x4b8cb4 RegFlushKey
0x4b8cb8 RegCloseKey
kernel32.dll
0x4b8cc0 Sleep
oleaut32.dll
0x4b8cc8 SafeArrayPtrOfIndex
0x4b8ccc SafeArrayGetUBound
0x4b8cd0 SafeArrayGetLBound
0x4b8cd4 SafeArrayCreate
0x4b8cd8 VariantChangeType
0x4b8cdc VariantCopy
0x4b8ce0 VariantClear
0x4b8ce4 VariantInit
comctl32.dll
0x4b8cec _TrackMouseEvent
0x4b8cf0 ImageList_SetIconSize
0x4b8cf4 ImageList_GetIconSize
0x4b8cf8 ImageList_Write
0x4b8cfc ImageList_Read
0x4b8d00 ImageList_DragShowNolock
0x4b8d04 ImageList_DragMove
0x4b8d08 ImageList_DragLeave
0x4b8d0c ImageList_DragEnter
0x4b8d10 ImageList_EndDrag
0x4b8d14 ImageList_BeginDrag
0x4b8d18 ImageList_Remove
0x4b8d1c ImageList_DrawEx
0x4b8d20 ImageList_Draw
0x4b8d24 ImageList_GetBkColor
0x4b8d28 ImageList_SetBkColor
0x4b8d2c ImageList_Add
0x4b8d30 ImageList_GetImageCount
0x4b8d34 ImageList_Destroy
0x4b8d38 ImageList_Create
*invalid*
0x4b8d40 NtWriteVirtualMemory
Kernel32
0x4b8d48 GetProcAddress
uRL
0x4b8d50 AutodialHookCallback
ntdll
0x4b8d58 NtQueryInformationFile
0x4b8d5c NtOpenFile
0x4b8d60 NtClose
0x4b8d64 NtReadFile
ntdll
0x4b8d6c RtlDosPathNameToNtPathName_U
EAT(Export Address Table) is none